My Oracle Support Banner

Changing the Password of an EBS - OID Provisioned User in OIM Fails: ORA-20001: Insufficient access. (USER_NAME=<USERNAME>) / ORA-06512: at "APPS.OIM_FND_USER_<SUFFIX>". Or, from API: ORA-31202: DBMS_LDAP: LDAP client/server error: Insufficient access (Doc ID 2741777.1)

Last updated on JANUARY 07, 2021

Applies to:

Oracle Internet Directory - Version 11.1.1 and later
Oracle E-Business Suite Technology Stack - Version 11.0.1 and later
Information in this document applies to any platform.

Symptoms

Provisioned a new user in EBusiness Suite (EBS). Its password is changeable from EBS user form but when changing its password from Oracle Identity Manager (OIM) returns the error below:

<Oct 30, 2020 12:58:32 AM PKT> <Error> <ORG.IDENTITYCONNECTORS.EBS.EBSCONNECTOR> <BEA-000000> <org.identityconnectors.ebs.EBSConnector : update : Error while updating User : MESSAGE_OBJECT_CLASS___ACCOUNT__ 6216 Error : Error while updating User : MESSAGE_OBJECT_CLASS___ACCOUNT__ 6216 Error : java.sql.SQLException: ORA-20001: Unabled to call fnd_ldap_wrapper.update_user due to the following reason:
ORA-20001:  Insufficient access. (USER_NAME=<USERNAME>)
ORA-06512: at "APPS.OIM_FND_USER_<SUFFIX>", line 658
ORA-06512: at line 1
>
<Oct 30, 2020 12:58:32 AM PKT> <Error> <ORG.IDENTITYCONNECTORS.EBS.EBSCONNECTOR> <BEA-000000> <org.identityconnectors.ebs.EBSConnector : rollback : Perf: Rolling the changes back started>
<Oct 30, 2020 12:58:32 AM PKT> <Error> <ORG.IDENTITYCONNECTORS.EBS.EBSCONNECTOR> <BEA-000000> <org.identityconnectors.ebs.EBSConnector : rollback : Perf: Rolling the changes back completed>
<Oct 30, 2020 12:58:32 AM PKT> <Error> <ORACLE.IAM.CONNECTORS.ICFCOMMON.PROV.ICPROVISIONINGMANAGER> <BEA-000000> <oracle.iam.connectors.icfcommon.prov.ICProvisioningManager : doUpdate : Error while updating user
org.identityconnectors.framework.common.exceptions.ConnectorException: Error while updating User : MESSAGE_OBJECT_CLASS___ACCOUNT__ 6216 Error : org.identityconnectors.framework.common.exceptions.ConnectorException: Error while updating User : MESSAGE_OBJECT_CLASS___ACCOUNT__ 6216 Error : java.sql.SQLException: ORA-20001: Unabled to call fnd_ldap_wrapper.update_user due to the following reason:
ORA-20001:  Insufficient access. (USER_NAME=<USERNAME>)
ORA-06512: at "APPS.OIM_FND_USER_<SUFFIX>", line 658
ORA-06512: at line 1

       at org.identityconnectors.ebs.EBSConnector.update(EBSConnector.java:269)
       at org.identityconnectors.framework.impl.api.local.operations.UpdateImpl.update(UpdateImpl.java:93)
       at sun.reflect.GeneratedMethodAccessor3772.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
       at java.lang.reflect.Method.invoke(Method.java:606)
       at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:93)
       at com.sun.proxy.$Proxy535.update(Unknown Source)


Or, from a sample test api:

fnd.plsql.oid.fnd_ldap_user.update_user[proc]: count is > 0 - call ProcessUpdateRec passing ldap session
fnd.plsql.oid.fnd_ldap_user.ProcessUpdateRec: Begin
fnd.plsql.oid.fnd_ldap_user.ProcessUpdateRec: ORA-31202: DBMS_LDAP: LDAP client/server error: Insufficient access
fnd.plsql.oid.fnd_ldap_util.unbind: Begin
fnd.plsql.oid.fnd_ldap_util.unbind: End
fnd.plsql.oid.fnd_ldap_user.update_user[proc]: ORA-31202: DBMS_LDAP: LDAP client/server error: Insufficient access
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: Begin
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: Error Msg : ORA-31202: DBMS_LDAP: LDAP client/server error: Insufficient access
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: l_err_code : FND_SSO_LDAP_PWD_POLICY_ERR
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: l_tmp_str:  Insufficient access
fnd.plsql.oid.fnd_ldap_errm.translate_ldap_errors: End
fnd.plsql.APP_EXCEPTION.RAISE_EXCEPTION.dict_auto_log Insufficient access
fnd.plsql.APP_EXCEPTION.RAISE_EXCEPTION.dict_auto_log "Unabled to call fnd_ldap_wrapper.update_user due to the following reason:
ORA-20001:  Insufficient access. (USER_NAME=<USERNAME>)"
fnd.plsql.APP_EXCEPTION.RAISE_EXCEPTION.dict_auto_log "Unabled to call fnd_ldap_wrapper.update_user due to the following reason:
ORA-20001:  Insufficient access. (USER_NAME=<USERNAME>)"
fnd.plsql.MO_GLOBAL.INIT.begin Calling PL/SQL procedure MO_GLOBAL.INIT


Removing FND_USER.USER_GUID entry for the user allows the password to be successfully changed from OIM. But if the table has an entry for the user, it fails.

Previously it was identified that those users who have FND_USER.USER_GUID value returns the error when their passwords are updated from OIM. But now the username have FND_USER.USER_GUID value and its password is updatable from EBS form and OIM.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.